117.74.65.29 Threat Intelligence and Host Information

General

This page was generated because this host was detected actively attacking or scanning another host. The sections below give information about the host's network, location, number of days noticed, protocols attacked, and other details including reverse DNS and whois.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: DDOS, DDoS, HEAD Floods, KillNet, Killnet, T1498, T1499, cc.py
  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS4837 china unicom china169 backbone
  • Noticed: 21 times
  • Protocols Attacked: SSH

Open Ports Detected


CVEs Detected


Whois Information

  • inetnum: 117.74.64.0 - 117.74.79.255
  • netname: baolirongtong
  • descr: Poly facility (Beijing) Technology Co., Ltd.
  • country: CN
  • admin-c: JX1666-AP
  • tech-c: JX1666-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-CNNIC-CN
  • last-modified: 2021-06-16T01:30:52Z
  • irt: IRT-CNNIC-CN
  • address: Beijing, China
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-06-16T01:39:57Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Jia Xiaojie
  • address: A4, 5th Floor, Tower C, Triumph Plaza, Unit A, No 143,
  • address: Xizhimengwai Street, Xicheng District, Beijing, China.
  • country: CN
  • nic-hdl: JX1666-AP
  • e-mail: [email protected]
  • phone: +86-13911055600
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-04-25T07:42:02Z
  • route: 117.74.64.0/20
  • descr: CNC Group CHINA169 Hebei Province Network
  • descr: Addresses from CNNIC(YUTELNET)
  • country: CN
  • origin: AS4837
  • mnt-by: MAINT-CNCGROUP-RR
  • last-modified: 2008-09-04T07:55:02Z

Links to attack logs

roxy-ip-list-2023-05-03